![]() Like Bret said, if you have multiple people on a network that have the DNS updater and the location uses OpenDNS forwarders, you'll see conflicting filtering sessions going on. So, the user hops onto WiFi, the updater takes over, and now the company WAN IP is associated with that person's account.and, since the company is using OpenDNS forwarders, all requests from any user on that network coming out same public interface our home user is, now all web traffic is filtered according to the home user's account settings. Now, the company didn't create any account for use with OpenDNS, so the network/WAN IP is not spoken for yet in OpenDNS's system. ![]() That outbound public access is now heading out the same interface and uses the same public IP address that the company uses for business use. He walks into a business that uses OpenDNS forwarders (but no account set up) and turns on his laptop and access the company's free WIFI. This person also installed the DNS updater tool. Say a regular user comes in with their laptop, and also uses OpenDNS at home. He's using OpenDNS for forwarding purposes only. Say an IT administrator sets up OpenDNS forwarders on his network, and does NOT set up the account tying his company's static IP address to a network in their system (and even this sounds like it doesn't always work the way you want it to). You can block/lock down BYOD all you want, if you set up your guest network to use the same public IP as your business network, it won't matter. Most small businesses will use the same outbound interface (read: same external IP address for internal network vs. I will say, there's one thing that I didn't understand, and that was the bit about accounts.you can create an account as a business and use OpenDNS premium (which is still free and you can set up your network here, but like Bret said, it doesn't seem to matter if you set up 'no filtering' or not - your settings can still get hijacked)īut - at the risk of repeating myself: I don't think some of you are completely grasping this. Ps - If you are a business and want the filtering and malware protection, we sell (not free) not only the network/IP level protection but also more advanced options including ones that allow Active Directory Integration, private IP/NAT IP range filtering rules and an endpoint agent that does not rely on public IPs. Worst case scenario, set up a cron job on something at the office to update dynamic IPs by running:Ĭurl -user USERNAME:PASSWORD " https:/ Opens a new window / / nic/ update? hostname=NETWORK_LABEL" You may also be able to set up dynamic IP updates from your router if you are running DD-WRT. I would recommend running the updater on your forwarder to keep the office IP updated. https:/ Opens a new window / / get/ premium-dns. You can set up an unlimited number of networks in this setup and can prevent having your network get someone's home settings. As an added bonus, you get free reporting on your office's Internet usage. Otherwise it will get an error that the IP address you are on is not yours.Īs JonShultz pointed out, if you use OpenDNS for DNS only (no filtering, no malware protection) at work, you can sign up for a free business account. The Dynamic IP updater will only work if the IP you are on is not already registered as a static IP based network or is a dynamic IP defined network that has not been recently updated. Product Manager for OpenDNS jumping in here. Seems like maybe, just maybe, this wasn't thought out very well. Still.this could cause serious problems with those companies that are using OpenDNS as a forwarder but haven't set up any kind of account - which, if you want to use OpenDNS for free, you can't or are not supposed to do.Ĭan someone else try this out and verify this for me? I'm assuming that this works only if a systems admin has NOT created an OpenDNS account and defined the corporate/external network IP in the OpenDNS settings. Since your workplace uses OpenDNS as forwarders, all content defined in your block list will now be blocked for your company. It then establishes your work network/external IP as the current filtering network, then applies all of your OpenDNS filter settings to the external IP of your workplace. You go to work with your laptop, boot it up, let the updater run. Why does this work? You have set up your home OpenDNS account to block your network as defined by your dynamic updater tool. you have the capability of inadvertently filtering your company's (or whatever web traffic that is being used on that interface) traffic without needing to be an administrator. and the laptop has the DNS Updater tool installed. and have a laptop that you use at home and work.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |